In a world where IoT and AI are now part of toys, knowing the toys that have a security issue or a vulnerability is a must for any parent. This repo will hold a list of toys that fall into that category.
Important: This list is manually maintained and it is asked to everyone to help keep it up to date.
The following toys have either been in the media or knowing informed that they some form of vulnerability that can be harmful to kids.
Rule of thumb is: Toy has WiFi or Bluetooth capabilities, then it might have a vulnerability.
- Mattel’s Hello Barbie
- Furby Connect
- Wowee Chip
- Fisher-Price’s Smart Toy Bear
- I-Que Intelligent Robot
- Toy-fi Teddy
- CloudPets cuddly toys
- Marbotic Smart Letters
- pi lab Edwin the Duck
- Adidas - Adidas miCoach Smart Soccer Ball
- Evollve - Ozobot Evo
- Sensible Object LtD - Beasts of Balance
- Toymail - Toymail Talkie
- Sphero - Sphero SPRK+
- Tangible Play - Osmo
- Wonder Workshop - Dash the Robot
- Sphero - BB-8 by Sphero
- Zivix - AirJamz Air Guitar
- https://www.theguardian.com/technology/2015/nov/26/hackers-can-hijack-wi-fi-hello-barbie-to-spy-on-your-children
- https://inews.co.uk/news/technology/your-childrens-connected-toys-can-be-hacked-warn-experts/
- https://advocacy.mozilla.org/en-US/privacynotincluded/category/toys
After I have started this list I have got the link to this project that has a lot more than toys. Security is important and therefore adding them as a permanent resource to this list.